Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

unable to connect to internet with laptop


  • This topic is locked This topic is locked
4 replies to this topic

#1 clive1

clive1

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:herts uk
  • Local time:03:24 AM

Posted 26 March 2011 - 04:15 PM

hi,

Hoping for some help please

Background

I have a pc running windows xp home edition and an acer laptop running Vista.

Last week both running fine and connecting to internet wifi.

The internet network in my area went down and whaen it resumed my hub would not lock back on [dreaded flashing lights on box]

Informed isp who eventually despatched engineer. He changed the router and with a lot of phone calls got the connection back and went on his way.

A couple of days later I tried to use the laptop having transfered all new settings via the network setup wizard and tried to connect.

All I got was the page not found error and the repair utility informed me that the dns server had not responded.

In network connections the laptop was shown as being connected to unidentified network with a red cross in front of the internet symbol.



After exhausting all possibilities I could think of today I phoned the ISP technical help.

They tried what they could with pings etc but in the end said there was nothing wrong with the broadband connection and passed me to their domestic help centre.

They took ove remote control and ran some tests with the laptop connected by ethernet and asked me to ring them.

I rang and a very nice guy went through the same things again resetting ips, resetting winsocks etc but end result same no connection, the signal seems to get as far as the route and expires!!!


He then suggested running combo fix as a last chance and if that didn't work then it would be an os reinstall.

So I have run combo fix attached are two log files. One is vista re the lap top and the other is xp re the pc. I so hope they meanAttached File  ComboFix vista.txt   12.53KB   1 downloadsAttached File  ComboFix xp.txt   19.26KB   3 downloads something to someone!!!


I shall be all eys and ears!!!

Many thanks

Clive

Edit: Moved topic from Vista to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:24 AM

Posted 01 April 2011 - 07:12 PM

Hello and welcome to Bleeping Computer :welcome:

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log




Elle
Can you hear it?It's all around!

Tomar ki manè acchè?
Yadi thakè, tahalè
Ki kshama kartè paro
?



If I haven't replied in 48 hours, please feel free to send me a PM.



Posted Image

#3 clive1

clive1
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:herts uk
  • Local time:03:24 AM

Posted 07 April 2011 - 11:59 AM

Hi Sorry for delay,

Ok as you can see from original post I have a desktop pc running xp and a laptop running vista.

The desktop is connected to a virgin hub and connects fine to the internet.

The laptop connects wirelessly to the hub but will not connect to the internet as it used to do before virgin changed the hub.

here is the dds xp log

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Computer at 6:46:33.59 on 02/04/2011
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3071.2490 [GMT 1:00]
.
FW: ZoneAlarm Firewall *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\What's my computer doing\WhatsMyComputerDoing.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\Program Files\nHancer\nHancerService.exe
C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\IncrediMail\Bin\IncMail.exe
C:\Program Files\IncrediMail\Bin\ImApp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Computer\Desktop\dds.pif
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.virginmedia.com/
uURLSearchHooks: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - c:\program files\zonealarm_security\tbZon1.dll
uURLSearchHooks: MHURLSearchHook Class: {1c4ab6a5-595f-4e86-b15f-f93cce2bbd48} - c:\program files\family toolbar\tbhelper.dll
BHO: MHTBPos00 Class: {0c37b053-fd68-456a-82e1-d788ee342e6f} - c:\program files\family toolbar\tbcore3.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - c:\program files\zonealarm_security\tbZon1.dll
BHO: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - c:\program files\incredimail_mediabar_2\prxtbInc0.dll
BHO: CMySite Class: {d62ec836-bf1e-4cac-81be-fb9179835d8e} - c:\program files\family toolbar\mhxpcomi.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - c:\program files\zonealarm_security\tbZon1.dll
TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
TB: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Family Toolbar: {fd2fd708-1f6f-4b68-b141-c5778f0c19bb} - c:\program files\family toolbar\tbcore3.dll
TB: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - c:\program files\incredimail_mediabar_2\prxtbInc0.dll
TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [ProfilerU] c:\program files\saitek\sd6\software\ProfilerU.exe
mRun: [SaiMfd] c:\program files\saitek\sd6\software\SaiMfd.exe
mRun: [lxctmon.exe] "c:\program files\lexmark 5400 series\lxctmon.exe"
mRun: [Lexmark 5400 Series Fax Server] "c:\program files\lexmark 5400 series\fm3032.exe" /s
mRun: [EzPrint] "c:\program files\lexmark 5400 series\ezprint.exe"
mRun: [LXCTCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCTtime.dll,_RunDLLEntry@16
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ServiceManager.exe] "c:\program files\virgin media\service manager\ServiceManager.exe" /AUTORUN
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\what's~1.lnk - c:\program files\what's my computer doing\WhatsMyComputerDoing.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1285407735640
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1285407614640
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} - hxxps://ediagnostics.lexmark.com/serval.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - c:\program files\family toolbar\mhxpcomi.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\computer\applic~1\mozilla\firefox\profiles\eofemgq8.default\
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\program files\checkpoint\zaforcefield\trustchecker\components\TrustCheckerMozillaPlugin.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: ZoneAlarm Security Engine: {FFB96CC1-7EB3-449D-B827-DB661701C6BB} - c:\program files\checkpoint\zaforcefield\TrustChecker
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
.
============= SERVICES / DRIVERS ===============
.
R0 AVG Anti-Rootkit;AVG Anti-Rootkit;c:\windows\system32\drivers\avgarkt.sys [2007-1-31 5632]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver;c:\windows\system32\drivers\AvgArCln.sys [2010-9-26 3968]
R1 RapportCerberus_23945;RapportCerberus_23945;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportcerberus\23945\RapportCerberus_23945.sys [2011-3-15 55224]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2010-12-29 63160]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2010-12-29 156344]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2010-10-2 532224]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2010-2-28 821664]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2010-9-2 26872]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2010-9-2 493048]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2010-12-29 821048]
R2 ServicepointService;ServicepointService;c:\program files\virgin media\service manager\ServicepointService.exe [2011-3-26 689464]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2010-4-24 483688]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;c:\windows\system32\drivers\atl01_xp.sys [2009-12-19 35712]
R3 SaiH0BAC;SaiH0BAC;c:\windows\system32\drivers\SaiH0BAC.sys [2010-1-3 135168]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfsxp.sys [2009-12-2 554344]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplayxp.sys [2009-12-2 211432]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [2009-12-2 20584]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvolxp.sys [2009-12-2 18280]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2010-4-24 209768]
S1 ethhgtlr;ethhgtlr;c:\windows\system32\drivers\ethhgtlr.sys [2010-4-21 140288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-11 135664]
S2 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-7-11 369688]
S2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2010-11-16 267568]
S3 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-11 47128]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-4 14336]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]
.
=============== Created Last 30 ================
.
2011-03-27 08:21:12 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-03-27 08:03:43 -------- d-----w- c:\docume~1\computer\locals~1\applic~1\IncrediMail_MediaBar_2
2011-03-27 08:03:30 -------- d-----w- c:\docume~1\computer\locals~1\applic~1\ConduitEngine
2011-03-27 08:03:29 -------- d-----w- c:\program files\ConduitEngine
2011-03-27 08:03:27 -------- d-----w- c:\program files\IncrediMail_MediaBar_2
2011-03-26 20:10:35 -------- d-sha-r- C:\cmdcons
2011-03-26 20:05:25 98816 ----a-w- c:\windows\sed.exe
2011-03-26 20:05:25 89088 ----a-w- c:\windows\MBR.exe
2011-03-26 20:05:25 256512 ----a-w- c:\windows\PEV.exe
2011-03-26 20:05:25 161792 ----a-w- c:\windows\SWREG.exe
2011-03-26 17:21:23 -------- d-----w- c:\docume~1\computer\locals~1\applic~1\ICS
2011-03-26 17:17:24 -------- d-----w- c:\docume~1\computer\applic~1\Virgin Media
2011-03-26 17:17:23 -------- d-----w- c:\docume~1\alluse~1\applic~1\Radialpoint
2011-03-26 17:17:19 -------- d-----w- c:\program files\Virgin Media
2011-03-26 17:17:19 -------- d-----w- c:\docume~1\alluse~1\applic~1\Virgin Media
2011-03-16 19:35:16 -------- d-----w- c:\docume~1\computer\locals~1\applic~1\FixItCenter
2011-03-16 12:58:12 -------- d-----w- c:\windows\MATS
2011-03-16 12:58:11 -------- d-----w- c:\program files\Microsoft Fix it Center
2011-03-16 12:53:27 -------- d-----w- c:\docume~1\computer\applic~1\ElevatedDiagnostics
2011-03-12 12:28:40 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-03-12 12:28:40 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2011-03-12 06:40:54 -------- d-----w- c:\docume~1\computer\locals~1\applic~1\Xenocode
.
==================== Find3M ====================
.
2011-03-26 10:02:35 240592 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-03-26 10:02:35 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-03-26 10:01:32 240592 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 21:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 19:19:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
.
============= FINISH: 6:48:11.50 ===============



here are the vista files from laptop

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Computer at 18:27:08.50 on 02/04/2011
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.895.332 [GMT 1:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\System32\ACEngSvr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Windows\System32\alg.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\wsqmcons.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k wdisvc
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
F:\dds.pif
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.virginmedia.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - c:\program files\incredimail_mediabar_2\prxtbInc2.dll
mURLSearchHooks: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - c:\program files\incredimail_mediabar_2\prxtbInc2.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
BHO: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - c:\program files\incredimail_mediabar_2\prxtbInc2.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - c:\program files\incredimail_mediabar_2\prxtbInc2.dll
TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [SMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: tesco.com\www
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {C0B8E968-6A2B-4825-8029-A92874CA6BD5} - hxxp://vivfilms.vividas.com/video/player/player_ocx.jpeg
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
.
============= SERVICES / DRIVERS ===============
.
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-21 135664]
.
=============== Created Last 30 ================
.
2011-03-27 11:24:03 -------- d-----w- C:\atheros_v7.3.1.109_v1.15
2011-03-26 20:26:49 -------- d-----w- c:\users\computer\appdata\local\temp
2011-03-26 20:25:04 -------- d-sh--w- C:\$RECYCLE.BIN
2011-03-26 20:12:05 98816 ----a-w- c:\windows\sed.exe
2011-03-26 20:12:05 89088 ----a-w- c:\windows\MBR.exe
2011-03-26 20:12:05 256512 ----a-w- c:\windows\PEV.exe
2011-03-26 20:12:05 161792 ----a-w- c:\windows\SWREG.exe
2011-03-26 15:14:05 5943120 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{d6484ffc-5139-49eb-94da-887a39ab0275}\mpengine.dll
2011-03-23 15:48:14 -------- d-----w- c:\users\computer\appdata\roaming\PeerNetworking
.
==================== Find3M ====================
.
2011-04-02 16:51:43 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-03-27 10:38:26 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2011-03-27 10:38:06 82432 ----a-w- c:\windows\system32\axaltocm.dll
2011-03-01 19:36:30 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-02-02 17:11:20 222080 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 18:28:13.52 ===============






==== Event Viewer Messages From Past Week ========
.
3/27/2011 12:13:04 PM, Error: Microsoft-Windows-Eventlog [30] - The event logging service encountered an error (5) while enabling publisher {DBE9B383-7CF3-4331-91CC-A3CB16A3B538} to channel Microsoft-Windows-Winlogon/Operational. This doesn't affect operation of the channel, but does affect the ability for the publisher to raise events to the channel. One common reason for this error is that Provider is using ETW Provider Security and has not granted enable permissions to the Eventlog service identity.
3/27/2011 12:11:30 PM, Error: Microsoft-Windows-WMPNSS-Service [14353] - A media delivery engine with ID '0' was not initialized due to error '0x80070005' when adding the URL 'http://+:10243/WMPNSSv4/2416817604/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
3/27/2011 12:11:30 PM, Error: Microsoft-Windows-WMPNSS-Service [14349] - A new media server was not initialized because the Windows Media Delivery Engine did not initialize due to error '0x80070005'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
3/27/2011 12:08:51 PM, Error: Service Control Manager [7023] - The Secure Socket Tunneling Protocol Service service terminated with the following error: The system cannot find the file specified.
3/27/2011 12:08:51 PM, Error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Secure Socket Tunneling Protocol Service service which failed to start because of the following error: The system cannot find the file specified.
3/27/2011 12:08:51 PM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: The dependency service or group failed to start.
3/27/2011 10:41:49 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.189.191.164 for the Network Card with network address 0015AF4D93D5 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
3/27/2011 10:40:29 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{752CB3A8-9943-4BBF-BDCF-A84C99DB9F16} because another computer on the network has the same name. The server could not start.
3/27/2011 10:40:29 AM, Error: netbt [4321] - The name "COMPUTER-PC :20" could not be registered on the interface with IP address 10.189.191.164. The computer with the IP address 169.254.154.249 did not allow the name to be claimed by this computer.
3/27/2011 10:40:29 AM, Error: netbt [4321] - The name "COMPUTER-PC :0" could not be registered on the interface with IP address 10.189.191.164. The computer with the IP address 169.254.154.249 did not allow the name to be claimed by this computer.
3/26/2011 8:13:36 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
3/26/2011 6:08:36 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: spldr Wanarpv6
3/26/2011 6:08:36 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
3/26/2011 6:08:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/26/2011 6:07:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
3/26/2011 6:07:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/26/2011 6:07:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/26/2011 5:55:44 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.3 with the system having network hardware address 00-1A-92-05-7D-CA. Network operations on this system may be disrupted as a result.
3/26/2011 4:55:39 PM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.
3/26/2011 4:55:39 PM, Error: Microsoft-Windows-SharedAccess_NAT [30013] - The DHCP allocator has disabled itself on IP address 169.254.43.156, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
3/26/2011 4:55:35 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.5 with the system having network hardware address 00-15-AF-4D-93-D5. Network operations on this system may be disrupted as a result.
3/26/2011 3:17:19 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.189.191.163 for the Network Card with network address 0015AF4D93D5 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
3/26/2011 3:16:39 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
3/26/2011 3:16:37 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.5 for the Network Card with network address 0015AF4D93D5 has been denied by the DHCP server 10.189.191.161 (The DHCP Server sent a DHCPNACK message).
3/26/2011 3:04:57 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 7, function 0. Please contact your system vendor for technical assistance.
3/26/2011 3:04:57 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 6, function 0. Please contact your system vendor for technical assistance.
3/26/2011 3:04:55 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 5, function 0. Please contact your system vendor for technical assistance.
3/26/2011 3:04:55 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 4, function 0. Please contact your system vendor for technical assistance.
.
==== End Of File ===========================


I hope all this means something to someone!!

best regards

Clive

Edited by clive1, 07 April 2011 - 12:02 PM.


#4 clive1

clive1
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:herts uk
  • Local time:03:24 AM

Posted 10 April 2011 - 02:41 PM

All is now fixed!!!!!!!!!



It was a driver issue between the atheros wireless card and the router.



The driver on the lap top was a 2007 version.

I used a program called driverfetch to check out the laptop by downloading to a flash drive, then installed from flash drive to laptop. Ran the program which identified all out of date drivers. The report was saved to the flashdrive which in turn was uploaded to the internet site by the desktop. All required drivers then downloaded to flashdrive and installed to laptop, and hey presto connected straight away . The new driver is a 2009 version. a few other drivers were also installed along with 58 microsoft updates !!!



Anyway many thanks to those who responded and thanks for the clues



cheers



Clive

#5 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:24 AM

Posted 15 April 2011 - 05:14 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users